13.2.5 Peripherals Security Attribution

In addition to generic protection features, the Peripheral Access Controller (PAC) configures the security privileges for each individual peripheral in the system.

Each peripheral can only be configured either in Secure or in Non-Secure mode except the IDAU and NVMCTRL peripherals, which are always Secured, and the DSU peripheral which is always Non-Secured.

The PAC NONSECx registers (read only) contain one bit per peripheral for that purpose, which is the image of the NONSECx fuses from the NVM User row (UROW).

During Boot ROM execution, the NONSECx fuses from the NVM User row are copied in the PAC peripheral NONSECx registers so that they can be read by the application.

All peripherals are marked as "exempt" in the memory map, meaning that all bus transactions are propagated. As a consequence, any illegal accesses are reported back to the PAC and trigger an interrupt if enabled.

The security configuration (Secure or Non-Secure) is propagated to each individual peripheral, thus it is the responsibility of the peripheral to grant or not the access with the following rules:

  • If the peripheral is configured as Non-Secure in the PAC:
    • Secure and Non-Secure accesses are granted
  • If the peripheral is configured as Secure in the PAC:
    • Secure access is granted
    • Non-Secure access is discarded (Write is ignored, read 0x0), a PAC error is triggered
      Important: These rules do not apply to the specific peripherals called Mix-Secure peripherals.
Note: The Secure application will usually provide an API for the Non-Secure application using the Non-Secure Callable region (NSC) to allow the Non-Secure application to request specific resources.
Table 13-8. Peripheral PAC Security Attribution (Excluding Mix-Secure Peripherals)
Mode Secure Host Access Non-Secure Host Access
Non-Secure Read / Write Read / Write
Secure Read / Write Discarded (Write ignored / Read 0x0)

PAC Error is generated